krb5.git/src/lib/kdb, branch proxymech

make depend

2013-03-24T05:30:33+00:00

Fix condition with empty body

2013-03-15T06:01:51+00:00

Found by clang's warnings.

ticket: 7591 (new)
target_version: 1.11.2
tags: pullup

Modernize k5buf

2013-02-14T16:42:28+00:00

Rename the krb5int_buf_ family of functions to use the k5_ prefix for
brevity.  Reformat some k5buf implementation code to match current
practices.

Add and use k5memdup, k5memdup0 helpers

2013-02-09T05:43:35+00:00

Add k5-int.h static functions to duplicate byte ranges, optionally
with a trailing zero byte, and set an error code like k5alloc does.
Use them where they would shorten existing code.

Adjust kdb5.c check for ulog being mapped

2013-01-24T18:13:36+00:00

Check the ulog pointer, which is a little more direct, rather than the
ulogfd field.  (ulogfd is currently initialized to 0 prior to
ulog_map; we could fix that instead, but this feels simpler.)

Remove ulog_check(); the ulog is not a DB journal

2013-01-23T19:46:06+00:00

The db2 DB is not power-fail safe.  There's no point trying to
replay an incompletely committed entry from the ulog at kadmind
startup time.  For that matter, even if the db2 DB was power-fail
safe there'd be no point replaying an uncommitted entry from the
ulog as the libkadm5srv app (nor any client of it, as in the case of
kadmind) will not have received any notice of success -- it'd be
wrong to complete that operation later when the user thought it'd
failed.

[ghudson@mit.edu: merge with master, adjust comment]

ticket: 7552 (new)

Propagate policy changes over iprop via full dump

2013-01-23T03:34:48+00:00

Since iprop cannot carry policy changes, force a full resync to happen
each time a policy change occurs.  Based on a patch from
Richard Basch .

ticket: 7522

Fix iprop log reinitialization

2013-01-22T22:49:50+00:00

If the master iprop log is reinitialized to serial number 0, slaves
will need to take a full dump--but after that happens, we need to know
whether the slave has taken that full dump, we we don't offering full
dumps indefinitely.

So, record a timestamp in kdb_last_time when we reinitialize the log
header, and compare the slave timestamp to kdb_last_time whenever it
has the current serial number, even if it's 0.  Test this by
performing a propagation with sno 0 in t_iprop.py and detecting
whether kpropd gets a second UPDATE_FULL_RESYNC_NEEDED response from
kadmind.

ticket: 7550 (new)

Modernize style of kdb_log.c

2013-01-22T22:49:49+00:00

ulog_get_entries had an unreachable branch which was removed during
de-indentation.

Clean up iprop flow control in kdb5.c

2013-01-18T07:01:55+00:00

Add a helper predicate to determine whether to log operations.  In the
predicate, check if the ulog is actually mapped.  Use a single cleanup
label in krb5_db_put_principal.  Use a cleanup label in
krb5_db_delete_principal instead of releasing resources individually
at each exit point.  Avoid locking and unlocking the ulog if we're not
logging (although it would be a no-op).

Based on a patch from Nico Williams .